/**
 * Software License, Version 1.0
 * 
 * Copyright 2003 The Trustees of Indiana University.  All rights reserved.
 * 
 *
 *Redistribution and use in source and binary forms, with or without 
 *modification, are permitted provided that the following conditions are met:
 *
 *1) All redistributions of source code must retain the above copyright notice,
 * the list of authors in the original source code, this list of conditions and
 * the disclaimer listed in this license;
 *2) All redistributions in binary form must reproduce the above copyright 
 * notice, this list of conditions and the disclaimer listed in this license in
 * the documentation and/or other materials provided with the distribution;
 *3) Any documentation included with all redistributions must include the 
 * following acknowledgement:
 *
 *"This product includes software developed by the Community Grids Lab. For 
 * further information contact the Community Grids Lab at 
 * http://communitygrids.iu.edu/."
 *
 * Alternatively, this acknowledgement may appear in the software itself, and 
 * wherever such third-party acknowledgments normally appear.
 * 
 *4) The name Indiana University or Community Grids Lab or NaradaBrokering, 
 * shall not be used to endorse or promote products derived from this software 
 * without prior written permission from Indiana University.  For written 
 * permission, please contact the Advanced Research and Technology Institute 
 * ("ARTI") at 351 West 10th Street, Indianapolis, Indiana 46202.
 *5) Products derived from this software may not be called NaradaBrokering, 
 * nor may Indiana University or Community Grids Lab or NaradaBrokering appear
 * in their name, without prior written permission of ARTI.
 * 
 *
 * Indiana University provides no reassurances that the source code provided 
 * does not infringe the patent or any other intellectual property rights of 
 * any other entity.  Indiana University disclaims any liability to any 
 * recipient for claims brought by any other entity based on infringement of 
 * intellectual property rights or otherwise.  
 *
 *LICENSEE UNDERSTANDS THAT SOFTWARE IS PROVIDED "AS IS" FOR WHICH NO 
 *WARRANTIES AS TO CAPABILITIES OR ACCURACY ARE MADE. INDIANA UNIVERSITY GIVES
 *NO WARRANTIES AND MAKES NO REPRESENTATION THAT SOFTWARE IS FREE OF 
 *INFRINGEMENT OF THIRD PARTY PATENT, COPYRIGHT, OR OTHER PROPRIETARY RIGHTS. 
 *INDIANA UNIVERSITY MAKES NO WARRANTIES THAT SOFTWARE IS FREE FROM "BUGS", 
 *"VIRUSES", "TROJAN HORSES", "TRAP DOORS", "WORMS", OR OTHER HARMFUL CODE.  
 *LICENSEE ASSUMES THE ENTIRE RISK AS TO THE PERFORMANCE OF SOFTWARE AND/OR 
 *ASSOCIATED MATERIALS, AND TO THE PERFORMANCE AND VALIDITY OF INFORMATION 
 *GENERATED USING SOFTWARE.
 */
package cgl.narada.service.security.impl;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Hashtable;

import javax.crypto.SecretKey;

import cgl.narada.service.ServiceException;
import cgl.narada.service.security.EntityKeyManagement;

/** Performs KeyManagement releated operations for an entity.
    
    $Date$
    $Revision$
*/

public class EntityKeyManagementImpl implements EntityKeyManagement{

  private Hashtable providers;
  private Hashtable keyPairs;
  private Hashtable templateKeys;

  private String moduleName = "EntityKeyManagementImpl: ";

  public EntityKeyManagementImpl() throws ServiceException {
    providers = new Hashtable();
    keyPairs = new Hashtable();
    templateKeys = new Hashtable();

    Provider cryptixCrypto = new cryptix.jce.provider.CryptixCrypto();
    try {
      Security.addProvider(cryptixCrypto);
      providers.put("CryptixCrypto", cryptixCrypto);
    } catch (SecurityException secEx) {
      throw new ServiceException(moduleName + secEx.toString());
    }
  }


  /** A method that can be used by a client to generate a personal-key pair,
      a given client may specifiy the algorithm to do so, and also the
      provider */
  public KeyPair 
  generatePersonalKeyPair(String algo, int strength, String provider, 
			  String alias) throws ServiceException {
    if (!providers.containsKey(provider)) {
      throw new ServiceException(moduleName + "Unknown provider [" + 
				    provider + "]");
    }
    
    KeyPairGenerator keypairGen=null;
    try {
      keypairGen = KeyPairGenerator.getInstance(algo, provider);
    } catch (Exception secEx) {
      throw new ServiceException(moduleName + "No such algorithm/provider ->" 
				 +  secEx.toString());
    }
    SecureRandom secRand = new SecureRandom();
    keypairGen.initialize(strength, secRand);
    KeyPair keyPair = keypairGen.generateKeyPair();

    Object entityKey = alias;
    if (keyPairs.containsKey(entityKey)) {
      keyPairs.remove(entityKey);
    }

    keyPairs.put(entityKey, keyPair);
    return keyPair;
  }

   
  /** Retrieve the personal public key associated with an entity */
  public PublicKey getPersonalPublicKey(String alias)
    throws ServiceException {
    
    Object entityKey = alias;
    if (!keyPairs.containsKey(entityKey)) {
      throw new ServiceException(moduleName + "Entity [" + alias + 
				 "] did not previously register a key pair");
    }

    KeyPair personalKeyPair = (KeyPair) keyPairs.get(entityKey);
    
    return personalKeyPair.getPublic();
  }


  /** Retrieve the personal public key associated with an entity */
  public PrivateKey getPersonalPrivateKey(String alias)
    throws ServiceException {
    
    Object entityKey = alias;
    if (!keyPairs.containsKey(entityKey)) {
      throw new ServiceException(moduleName + "Entity [" + alias + 
				 "] did not previously register a key pair");
    }

    KeyPair personalKeyPair = (KeyPair) keyPairs.get(entityKey);
    
    return personalKeyPair.getPrivate();
  }
  
  
  
  
  /** Get the secret template key associated with a templateId */
  public SecretKey getTemplateKey(int templateId)
    throws ServiceException {
    
    Object templateKey = new Integer(templateId);
    
    if (!templateKeys.contains(templateKey)) {
      throw new ServiceException(moduleName + "Secret Key for template [" + 
				 templateId + "] not previously registered!");
    }
    
    SecretKey templateSecretKey = (SecretKey) templateKeys.get(templateKey);

    return templateSecretKey;

  }


  
}
